User manual
Security
mySND User Manual 86
certificate signed by a CA. The RADIUS server and the print server
must validate the certificate. After the mutual authentication was
successful, the access to the network will be freed.
Since each device needs a certificate, a PKI (Public Key
Infrastructure) must be available. User passwords are not necessary.
If you want to use the EAP-TLS authentication, you must observe
the instructions below in the indicated order. If this procedure is not
adhered to, the SND Server in the network may not be addressable.
In this case you have to reset the SND Server parameters; see:
Ö93.
Procedure
• Create a certificate request on the SND Server; see: Ö80.
• Create a CA certificate using the certificate request and the
authentication server.
• Save the CA certificate on the SND Server; see: Ö80.
• Save the root certificate of the authentication server on the SND
Server; see: Ö81.
• Enable the authentication method 'EAP-TLS' on the SND Server.
Proceed as follows:
1. Start the mySND Control Center.
2. Select SECURITY – Authentication.
3. Select TLS from the Authentication method list.
4. Click Save & Restart to confirm.
ª The settings will be saved.
Configuring EAP-TTLS
Benefits and
Purpose
EAP-TTLS (Tunneled Transport Layer Security) validates the identity
of devices or users before they gain access to network resources. You
can configure the SND Server for the EAP-TTLS network
authentication. This makes sure that the SND Server gets access to
protected networks.